|
|
2fc102 |
From 37722379349e257e2e77583e515ceafa3eee804c Mon Sep 17 00:00:00 2001
|
|
|
2fc102 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
2fc102 |
Date: Tue, 21 Jan 2014 23:40:17 +0100
|
|
|
2fc102 |
Subject: [PATCH 69/71] LDAP: Don't clobber original_member during enumeration
|
|
|
2fc102 |
|
|
|
2fc102 |
---
|
|
|
2fc102 |
src/providers/ldap/sdap_async_groups.c | 17 +++++++++++------
|
|
|
2fc102 |
1 file changed, 11 insertions(+), 6 deletions(-)
|
|
|
2fc102 |
|
|
|
2fc102 |
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
|
|
|
2fc102 |
index 9eece9a6e4baaf302a28b57a63dae45a0741136c..4ed7d4ab9c0c932da49b244f061329a334719159 100644
|
|
|
2fc102 |
--- a/src/providers/ldap/sdap_async_groups.c
|
|
|
2fc102 |
+++ b/src/providers/ldap/sdap_async_groups.c
|
|
|
2fc102 |
@@ -807,6 +807,7 @@ static int sdap_save_groups(TALLOC_CTX *memctx,
|
|
|
2fc102 |
int num_groups,
|
|
|
2fc102 |
bool populate_members,
|
|
|
2fc102 |
hash_table_t *ghosts,
|
|
|
2fc102 |
+ bool save_orig_member,
|
|
|
2fc102 |
char **_usn_value)
|
|
|
2fc102 |
{
|
|
|
2fc102 |
TALLOC_CTX *tmpctx;
|
|
|
2fc102 |
@@ -864,9 +865,9 @@ static int sdap_save_groups(TALLOC_CTX *memctx,
|
|
|
2fc102 |
usn_value = NULL;
|
|
|
2fc102 |
|
|
|
2fc102 |
/* if 2 pass savemembers = false */
|
|
|
2fc102 |
- ret = sdap_save_group(tmpctx, sysdb,
|
|
|
2fc102 |
- opts, dom, groups[i],
|
|
|
2fc102 |
- populate_members, has_nesting,
|
|
|
2fc102 |
+ ret = sdap_save_group(tmpctx, sysdb, opts, dom, groups[i],
|
|
|
2fc102 |
+ populate_members,
|
|
|
2fc102 |
+ has_nesting && save_orig_member,
|
|
|
2fc102 |
ghosts, &usn_value, now);
|
|
|
2fc102 |
|
|
|
2fc102 |
/* Do not fail completely on errors.
|
|
|
2fc102 |
@@ -1835,7 +1836,7 @@ static void sdap_get_groups_process(struct tevent_req *subreq)
|
|
|
2fc102 |
"to allow unrolling of nested groups.\n"));
|
|
|
2fc102 |
ret = sdap_save_groups(state, state->sysdb, state->dom, state->opts,
|
|
|
2fc102 |
state->groups, state->count, false,
|
|
|
2fc102 |
- NULL, NULL);
|
|
|
2fc102 |
+ NULL, true, NULL);
|
|
|
2fc102 |
if (ret) {
|
|
|
2fc102 |
DEBUG(2, ("Failed to store groups.\n"));
|
|
|
2fc102 |
tevent_req_error(req, ret);
|
|
|
2fc102 |
@@ -1887,10 +1888,14 @@ static void sdap_get_groups_done(struct tevent_req *subreq)
|
|
|
2fc102 |
|
|
|
2fc102 |
/* If ignore_group_members is set for the domain, don't update
|
|
|
2fc102 |
* group memberships in the cache.
|
|
|
2fc102 |
+ *
|
|
|
2fc102 |
+ * If enumeration is on, don't overwrite orig_members as they've been
|
|
|
2fc102 |
+ * saved earlier.
|
|
|
2fc102 |
*/
|
|
|
2fc102 |
ret = sdap_save_groups(state, state->sysdb, state->dom, state->opts,
|
|
|
2fc102 |
state->groups, state->count,
|
|
|
2fc102 |
!state->dom->ignore_group_members, NULL,
|
|
|
2fc102 |
+ !state->enumeration,
|
|
|
2fc102 |
&state->higher_usn);
|
|
|
2fc102 |
if (ret) {
|
|
|
2fc102 |
DEBUG(2, ("Failed to store groups.\n"));
|
|
|
2fc102 |
@@ -2014,7 +2019,7 @@ static void sdap_ad_match_rule_members_process(struct tevent_req *subreq)
|
|
|
2fc102 |
/* Now save the group, users and ghosts to the cache */
|
|
|
2fc102 |
ret = sdap_save_groups(tmp_ctx, state->sysdb, state->dom,
|
|
|
2fc102 |
state->opts, state->groups, 1,
|
|
|
2fc102 |
- false, ghosts, NULL);
|
|
|
2fc102 |
+ false, ghosts, true, NULL);
|
|
|
2fc102 |
if (ret != EOK) {
|
|
|
2fc102 |
DEBUG(SSSDBG_MINOR_FAILURE,
|
|
|
2fc102 |
("Could not save group to the cache: [%s]\n",
|
|
|
2fc102 |
@@ -2090,7 +2095,7 @@ static void sdap_nested_done(struct tevent_req *subreq)
|
|
|
2fc102 |
}
|
|
|
2fc102 |
|
|
|
2fc102 |
ret = sdap_save_groups(state, state->sysdb, state->dom, state->opts,
|
|
|
2fc102 |
- groups, group_count, false, ghosts,
|
|
|
2fc102 |
+ groups, group_count, false, ghosts, true,
|
|
|
2fc102 |
&state->higher_usn);
|
|
|
2fc102 |
if (ret != EOK) {
|
|
|
2fc102 |
goto fail;
|
|
|
2fc102 |
--
|
|
|
2fc102 |
1.8.4.2
|
|
|
2fc102 |
|